From 70ac3393d677da85aeab2a208ece874f13eb0e60 Mon Sep 17 00:00:00 2001 From: Jan-Simon Moeller Date: Thu, 20 Jul 2023 22:42:38 +0200 Subject: [PATCH] Update certificates to include localhost and 127.0.0.1 This updates the certificates to have subjectAltName defined as subjectAltName=DNS:$1,DNS:localhost,IP:127.0.0.1 It allows clients from the localhost to connect. We're debating if we need the IP:127.0.0.1 going forward, so this might change in the future. Bug-AGL: SPEC-4868 Change-Id: Ic6bbf5fd55b9f6a14a84512ae8748b3f48dbc3c1 Signed-off-by: Jan-Simon Moeller --- .../kuksa-val/kuksa-certificates-agl/CA.pem | 42 ++++++++-------- .../kuksa-val/kuksa-certificates-agl/Client.key | 55 ++++++++++---------- .../kuksa-val/kuksa-certificates-agl/Client.pem | 49 ++++++++---------- .../kuksa-val/kuksa-certificates-agl/Server.key | 55 ++++++++++---------- .../kuksa-val/kuksa-certificates-agl/Server.pem | 49 ++++++++---------- .../kuksa-certificates-agl/genCertsAGL.sh | 58 ++++++++++++++++++++++ 6 files changed, 177 insertions(+), 131 deletions(-) create mode 100755 recipes-connectivity/kuksa-val/kuksa-certificates-agl/genCertsAGL.sh diff --git a/recipes-connectivity/kuksa-val/kuksa-certificates-agl/CA.pem b/recipes-connectivity/kuksa-val/kuksa-certificates-agl/CA.pem index 55e344094..b3fa17d69 100644 --- a/recipes-connectivity/kuksa-val/kuksa-certificates-agl/CA.pem +++ b/recipes-connectivity/kuksa-val/kuksa-certificates-agl/CA.pem @@ -1,23 +1,23 @@ -----BEGIN CERTIFICATE----- -MIID2TCCAsECFF8Fc0+krnLo4rK6tD8ZS5JVGX3kMA0GCSqGSIb3DQEBCwUAMIGo -MQswCQYDVQQGEwJDQTETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2Fu -IEZyYW5jaXNjbzEZMBcGA1UECgwQTGludXggRm91bmRhdGlvbjEVMBMGA1UEAwwM -bG9jYWxob3N0LWNhMTowOAYJKoZIhvcNAQkBFithZ2wtZGV2LWNvbW11bml0eUBs -aXN0cy5hdXRvbW90aXZlbGludXgub3JnMB4XDTIzMDQyNDIwMzAyMloXDTMzMDQy -MTIwMzAyMlowgagxCzAJBgNVBAYTAkNBMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYw -FAYDVQQHDA1TYW4gRnJhbmNpc2NvMRkwFwYDVQQKDBBMaW51eCBGb3VuZGF0aW9u -MRUwEwYDVQQDDAxsb2NhbGhvc3QtY2ExOjA4BgkqhkiG9w0BCQEWK2FnbC1kZXYt -Y29tbXVuaXR5QGxpc3RzLmF1dG9tb3RpdmVsaW51eC5vcmcwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDmBHNxOpBfmYo8bc0omNuKDnnZuhB4JTbgmblN -XCiPECdgVgSAD99YAaY/+LFKsUfwv0hMU45HcRPTN8CmijGFPMP9dmP6xZ6aCwPw -gwCE8lTwiFp/L0BNySVhXwakCqhqssCNvmBXpJf+J+7MYXYInieBotetlAEPMV6B -fcfJZxC00YVKlQX6vKQsxQB8LlSj57UwyjS0zYIhm3G5rAYLaEokgttbBDB5XKL2 -6D0yvqsdUoJygAeouq6PME8SiAY91ZwIwfL3BJyNoNnxxyJ7iRj28dmoetvtNQCl -DrU82GG/hUeFF5KnLj65yHOrLiRlquHKgIG+XOvfp7WfXbstAgMBAAEwDQYJKoZI -hvcNAQELBQADggEBAN+rVHBSJDYk6soCcd6a+zonWOiHJxw5JRbdWE56F1wvS5fv -CFLlJ01JeaXdVdISh4/zk1sFnsGQ1NRv8C/LffciNpDpKugJgKcA1BYWECj0J9h9 -yR6Nw/Ifx3ovTJi9Rm6uYoH2shNbfX0H1HUZjLzMDZJUVdwI2bkekbYmJXI6XIAP -3p4PFs0rH37z+ioIw10ubKdFjGMIW6vYcfWV6L/ybrh+dZ5GDkNncSaspMzf79PC -7sAs9/RQkp92bmvygKkXO7zNBGjPF8osoY1rv9D201Ux1gJtfn3qde0LgdvOMoq8 -scN3iO1TU2pFNhxgcCkFkLmUHSceWK4l/Bxj1kM= +MIID3zCCAscCFDixxnLKOE9pr9sDQynjRqX7u+TlMA0GCSqGSIb3DQEBCwUAMIGr +MQswCQYDVQQGEwJVUzEWMBQGA1UECAwNU2FuIEZyYW5jaXNjbzETMBEGA1UEBwwK +Q2FsaWZvcm5pYTEcMBoGA1UECgwTYXV0b21vdGl2ZWxpbnV4Lm9yZzEVMBMGA1UE +AwwMbG9jYWxob3N0LWNhMTowOAYJKoZIhvcNAQkBFithZ2wtZGV2LWNvbW11bml0 +eUBsaXN0cy5hdXRvbW90aXZlbGludXgub3JnMB4XDTIzMDcyMDIwMzg1NVoXDTMz +MDcxNzIwMzg1NVowgasxCzAJBgNVBAYTAlVTMRYwFAYDVQQIDA1TYW4gRnJhbmNp +c2NvMRMwEQYDVQQHDApDYWxpZm9ybmlhMRwwGgYDVQQKDBNhdXRvbW90aXZlbGlu +dXgub3JnMRUwEwYDVQQDDAxsb2NhbGhvc3QtY2ExOjA4BgkqhkiG9w0BCQEWK2Fn +bC1kZXYtY29tbXVuaXR5QGxpc3RzLmF1dG9tb3RpdmVsaW51eC5vcmcwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDJZvopAg03G1TuyukI2QdVTzHQxnG +iPePMVIBAQ8M5tBWBOZxxkOgwRBTqZ1GJRvgPPediPHb3+/j+k5/+NE8TT2smDfk +4u9+NBNFXGhC9jqoEe0nkxca85RHP1Jx1iIp8SJ1TTtzEu4q/O/9bCnA+05NPLWQ +YbDZr++lR4Bwhpz0ZVD69uZE/7aXPKVoVQPyeiwNgP7sfn5XOx+THpYz2Lwl2ew/ +490Mm5Wrw5pQkq49s5On5tR7cdms3CWnVKe+qpeJo/ShZg8mJesMusZRLZ3slSPp +GMVBbdFPhIv0L4HFzoJcnEzo1j6+h7fhu4v5T2qNkCkBlxehqvsy3DwfAgMBAAEw +DQYJKoZIhvcNAQELBQADggEBALNHiz8a86sZv6Pii/rtrlctD2x1qIobOAjQID55 +/ylAVPc0JuzGEpc8Hcl9jQXBFz2ZBBYTEn0iAB+nn9BnxWYpF/G9LQsz61uzdJJs +0WlR3FyjN8PwCysMwzGEmG2BH43vfg9oltAKxY4rZ3l5c8eL/a9o2vDzNjKNibll +NdLB+8NkZz33pjyru1sG2lw6Y1gxhcOMSU7MuHgW1YI06slBu56e92OQt5atRc6l +rY9faELSJpLhtKYF9spsS/LsITJrKdVkMZRgqrhoWAIB9qyehtBGk+Agk8MvBba8 +nRAF332SyeLeN/ytJTbjOmcYVh9daGADdyRb5d+5ALBuutU= -----END CERTIFICATE----- diff --git a/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.key b/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.key index 9cfb343e4..73b67f5c4 100644 --- a/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.key +++ b/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.key @@ -1,28 +1,27 @@ ------BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCzek7Ri6AbR7O1 -V08kZ7xVXcWl7sKr0XV9xEXrtNcVLWCDY4GFxqpkHVJdu8Z8PzPE2d5YkcIwXJRP -VV8+IekT6f58MhVuVFltPeYhuGHZ6FGZppX2pIVkijcvSLOySMT1tPMzs/l8ouOo -XuhP8nJl+d3JMJDrTF1O2Hzg/Ej28nwQRupT4NjBB1mxv0SBTbEcsz9HnlkRP4Tu -lRvUEd3DB1j9bjinroYe1bOpjA57dambLcf44KbkNgk0hxcf1jdeKjpaCboRhvuM -HlMEHx9v/lP0GGmsoaPGlWP+VUkgFOcNcm0zv7gjrjmlwaCJlGvlhyfWNyppi4rt -8cosVpANAgMBAAECggEAAnmryOYON/IZWtMMJs7QBbTO8gbE0fvRH2/rr4TzHUxe -xWNoXXfQYzaDvd3GHE1sjzaalbeODexo8hVxMh2/Ci38H886vCapX+8J5eoDzAn+ -69LboAufZjQBONXdtbrBxKW/OzW+p0JmI2Pl/An/iZ8Ub9XCWefX21AYLodQyJXx -7AXo93xoB/KwX6r7BJpiyb8dR2lAAY7EMDWCOuXKm6sRplxn/PnWBkj4ZWtWaBEV -c4j90ML4H5qipSNiEWhcG3GHejdN/bKxYZMtk90J+XAuNe8Q0Y9jsYA62HPYutzc -uZUrn5a4X01WXbsYQ83SZ0vjL6Xd8v+7DvnX/z5tQQKBgQDeXUyIfjwd7ZZx1jNS -Br1IRG0IMBUsvJqKbmTCktpD+C8VMqxuZcNdu7n3SgCXtGjK+AQ3mAQT3ksqNiRx -dggGYLsTGVVpSmMxJ4+u5mu4qZJFAjsawJ3tozLS92L26magiZMka9TBWJmrAFg1 -boxnk3IQvsL3DMu9SQ00KdilnQKBgQDOoEq92m8DJtSiFPEwn8uyPrXCqB3ptFwj -iSLAJ5lVfAlLhRD+6Tx8OsUJQtohSgwTWGKtYNd333dnfnqAYGiRbM5sEas75iRV -qpl7ZmW4iLcC+etBt1CtrCBQVpTDTQ/IeQ7jvF6x6+VaBt/ZtzAtRk59Y3dPE3FV -B878t3pBMQKBgGQQsEQsKnl9VVpc/jNHfR5sTHSGzsCXDySEkStOUpKLuQRdDWOQ -v94KgKFb1/Bs60uLWLp72jnmqwSP4M5+QxY7qXPqzpjXNNQF7Y7Tel5bUMtlOZvM -WkV6T4DIeuyKhyxvPJwDOnbXnC9rtEY3PU/O9mG6tpneVEEWAq8atbexAoGADPE7 -XUL2WyMuhGx9YwdPUf3dkrDHFuFmOA+Z7qFMWG9pgaJ3GxBu6nUf7GGUmisyMHAD -1kpPlMGZkBD7CVmAk0NWdqxwplLXCcqizHjwfCuMExKmarpZwlcauw2BSe5kw7DZ -fuhIoipddlMh6FgyG1PhDLeTPI/CNIpFq8yuSrECgYB/IIesOWMECssR83bMAymz -zZpddnefYAxGvD4/odLGrAz7g8UcYV/5QbG4IY/BkcAoIsg8qgbPy+vErtaHOzn+ -BSTCDpHqDFT75aWv5F5bBNKkbfe2J+Bc4TjRTaIzXxp/akNW8ubrECLargFDgVx5 -ig3x9DZLf4Tc3Kus7dHkJA== ------END PRIVATE KEY----- +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAyISsHMGwy8dvhx+tPQOGtgtb9YDWS0kRMPcOou3QlUjAcXmz +vT2dLIwOnnRYBS9nENDqI4x52yECUBwVNIvoeiZlQqjKhSr2BOpwJIgJgqeKr4he +sU9M9s3ODqR2sdUhv7e54sRYSFv5Hs35Horr3guSRh12FtWh+iLT2PI75jbi3KjP +mK4yZGJmoSQWh+q/vhB5CQtdAcA/08aoZnhyMOGqBMzmhr1PDm7UbzZIcp2Lxs3x +q3PBJq5eMF6N3S8ssETz7WOqX0vnBdgl4DhMYCVgrjppXzmcYYbkm4uluKVf8sR7 +cAbSaoUUft2G4mLXNBE1RJVpYrzHIQW7OphjqQIDAQABAoIBAGfnl+gu1hZCeiBi +4bpEIYIj0Lsez+yjKC1fWE5FPVieIlqq3eCqFNAIo2qojxPgxF+KYkmZeWt7Z19r +rfFUrlrdmos4O/lVkbZqZUII3CS//LWIzMjEdvVNIAGmZ3svHhXidohzheu4/RZh +VT3mbuLYzCtZCOA8Q3sCoRRCMZfQ3jrTEvak4xrgotihL3bEUOIrA8Tyv8AaAhmP +nIKV+0pS/d8xCkpIBmkNxVtNRAGvsQK5i7DsQYFEDKzbFjhXz7jRapfesAQACEgJ +0yLYKSoiHktuyHIPspj37BdTZva6vNkabJVcDKXMIuRd5xnypiygv7vo+onHJ5Rw +T9TzryECgYEA6oe9qYdiXsKygUji9W6rqYGPAl6o56nyAX6QrKnKhCQBmyVYgBB5 +YmehULzjK1Xvno5ophiBkojnCE8y99liEWZWnE9p2pr8O028ZfQficfbjWgkqmL5 +awmUTON40wK7QkpWj81YwbARYAQuC611R4MfzLWlnxxHacvBZc8x2j8CgYEA2t/a +s6dW2XuqfEgfS/oKI/9i1/CXnPFVAueAPCCl/Ee/QAGJMdmSf4yonnbnOycGMdSh +QGYUHb/PT7i04U+92T+rniprXn3QFz6iwF6X6nCkdlw9RxcWAOmg5l0yIoo9bp7J +LmVnbn2Y2TOy8/Djq47gypTH8H0VSVg5BjKgOBcCgYAG3giosSUpPyw46uhyZVYz +dW65lAoAFpLWhl04IRSj/+XoJBTOUy0qu3wWwCEqwK5uhx77VhZdMxMIxEDqzvu3 +JLb+hrjDxOwD1IfiuF5AC5EbN+Ry9Mj24GXuRm7gRuEy1LhqJ4okycIIfLbYcrDP +ckB5HwyFdy+EIoo8L+/2wwKBgQDallPJteaTvuCtzC2NaEK2XritZjdUYuR+yQqV +ghmjEVhcKOyGX37iaWyBDciyl6+lFnCQayHN8CCvwozKtCOrEt5nUH/4V3f5rvFF +Y3MejK6DEm2UUOcFtE2foxWNzze5AVV0Q4t/mmmLCgm/fCUz0baIOvxPHeyjWjth +CDBgswKBgQDj5QlFkdlgJvdJweHUSWm0vssFCgCucWEPgy5iOo4MDxEHq0r1AZWU +K5j1xabtD73K6JmO3ElvSELGAd1MlvRzeZMsSP8goCk3e8a85js2sRPwDxGHa0Dd +Ef7DoyFp6UIDOUAX6R2ylPyZYqM7bowoLdGIwh9jo8fZnvHn/UCw0w== +-----END RSA PRIVATE KEY----- diff --git a/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.pem b/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.pem index 7143d7d75..fcd92b6e5 100644 --- a/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.pem +++ b/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.pem @@ -1,29 +1,24 @@ -----BEGIN CERTIFICATE----- -MIIE5zCCA8+gAwIBAgIUZsoE7a5zcY96l9fWgANt2eueQ+cwDQYJKoZIhvcNAQEL -BQAwgagxCzAJBgNVBAYTAkNBMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQH -DA1TYW4gRnJhbmNpc2NvMRkwFwYDVQQKDBBMaW51eCBGb3VuZGF0aW9uMRUwEwYD -VQQDDAxsb2NhbGhvc3QtY2ExOjA4BgkqhkiG9w0BCQEWK2FnbC1kZXYtY29tbXVu -aXR5QGxpc3RzLmF1dG9tb3RpdmVsaW51eC5vcmcwHhcNMjMwNDI0MjIzMDIxWhcN -MjUwNDIzMjIzMDIxWjCBojELMAkGA1UEBhMCQ0ExEzARBgNVBAgMCkNhbGlmb3Ju -aWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoMEExpbnV4IEZvdW5k -YXRpb24xDzANBgNVBAMMBkNsaWVudDE6MDgGCSqGSIb3DQEJARYrYWdsLWRldi1j -b21tdW5pdHlAbGlzdHMuYXV0b21vdGl2ZWxpbnV4Lm9yZzCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBALN6TtGLoBtHs7VXTyRnvFVdxaXuwqvRdX3EReu0 -1xUtYINjgYXGqmQdUl27xnw/M8TZ3liRwjBclE9VXz4h6RPp/nwyFW5UWW095iG4 -YdnoUZmmlfakhWSKNy9Is7JIxPW08zOz+Xyi46he6E/ycmX53ckwkOtMXU7YfOD8 -SPbyfBBG6lPg2MEHWbG/RIFNsRyzP0eeWRE/hO6VG9QR3cMHWP1uOKeuhh7Vs6mM -Dnt1qZstx/jgpuQ2CTSHFx/WN14qOloJuhGG+4weUwQfH2/+U/QYaayho8aVY/5V -SSAU5w1ybTO/uCOuOaXBoImUa+WHJ9Y3KmmLiu3xyixWkA0CAwEAAaOCAQswggEH -MBEGA1UdEQQKMAiCBkNsaWVudDAdBgNVHQ4EFgQU4aMBo5rpsGugc0BTIQXR/wYZ -GIUwgdIGA1UdIwSByjCBx6GBrqSBqzCBqDELMAkGA1UEBhMCQ0ExEzARBgNVBAgM -CkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoMEExp -bnV4IEZvdW5kYXRpb24xFTATBgNVBAMMDGxvY2FsaG9zdC1jYTE6MDgGCSqGSIb3 -DQEJARYrYWdsLWRldi1jb21tdW5pdHlAbGlzdHMuYXV0b21vdGl2ZWxpbnV4Lm9y -Z4IUXwVzT6Sucujisrq0PxlLklUZfeQwDQYJKoZIhvcNAQELBQADggEBAKUoAd0w -+k9+9XVFkm3CXLSKMXoVJ5lx1kX4661/fUtGH7cbPUyCSDxLXdotihWcODdrt7ha -MUOOQeWl8qMMPVB7Dw/8zNVn9Y0uiQ72ItQb7HTogXWEa72g/Ur2i5Bn/SIGpHho -gtHpzTSSyeotHP2QvemviLBYixWN+yN3w2VOcL+TUU5cuwmuHMNry1rl6RpozTb0 -glTZC/RpIuuYmaVQU1JCKWn5GIvC1AqAPdl6lGw2HRFEo13sMyedjOKnj8W1+8XO -6lWhXQTeWazHiRiG1ZKicfR1chlbNxvhJOqmgDpNkr7m/W+JZgoa4sZVswQRJ3TG -2mBSoxums2VW2nc= +MIIEBjCCAu6gAwIBAgIUeUuog3JmZGhkE0nRcATDuclsVvkwDQYJKoZIhvcNAQEL +BQAwgasxCzAJBgNVBAYTAlVTMRYwFAYDVQQIDA1TYW4gRnJhbmNpc2NvMRMwEQYD +VQQHDApDYWxpZm9ybmlhMRwwGgYDVQQKDBNhdXRvbW90aXZlbGludXgub3JnMRUw +EwYDVQQDDAxsb2NhbGhvc3QtY2ExOjA4BgkqhkiG9w0BCQEWK2FnbC1kZXYtY29t +bXVuaXR5QGxpc3RzLmF1dG9tb3RpdmVsaW51eC5vcmcwHhcNMjMwNzIwMjAzODU1 +WhcNMjcwNzE5MjAzODU1WjCBpTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBG +cmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExHDAaBgNVBAoME2F1dG9tb3Rp +dmVsaW51eC5vcmcxDzANBgNVBAMMBkNsaWVudDE6MDgGCSqGSIb3DQEJARYrYWds +LWRldi1jb21tdW5pdHlAbGlzdHMuYXV0b21vdGl2ZWxpbnV4Lm9yZzCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMiErBzBsMvHb4cfrT0DhrYLW/WA1ktJ +ETD3DqLt0JVIwHF5s709nSyMDp50WAUvZxDQ6iOMedshAlAcFTSL6HomZUKoyoUq +9gTqcCSICYKniq+IXrFPTPbNzg6kdrHVIb+3ueLEWEhb+R7N+R6K694LkkYddhbV +ofoi09jyO+Y24tyoz5iuMmRiZqEkFofqv74QeQkLXQHAP9PGqGZ4cjDhqgTM5oa9 +Tw5u1G82SHKdi8bN8atzwSauXjBejd0vLLBE8+1jql9L5wXYJeA4TGAlYK46aV85 +nGGG5JuLpbilX/LEe3AG0mqFFH7dhuJi1zQRNUSVaWK8xyEFuzqYY6kCAwEAAaMm +MCQwIgYDVR0RBBswGYIGQ2xpZW50gglsb2NhbGhvc3SHBH8AAAEwDQYJKoZIhvcN +AQELBQADggEBAGtM7LGk4PhEgrjLXr7tdRn/VSwUv+HLDmtgkMFsAqYolTwtK7eK +1XgNF2j6Yo4ma/efd8Td9wjKkrfkxQRCpM5gjNLhiZsBRO/HW4GiC3GKz0ELijE2 +7JU7xikawSE6Zvvj1t33KJ5uGDowv2tvDbCB76ecGohTb5O7mpe+fxMlt+d4vPku +uTfAaNfl8+oSo7suy3842ANpxteoxfVHZgG0FjdMKjSKxCyxI3buLltlQ7G+39QS +/cwuRTOp0UNPpiHWDKVOXL8qW/ZHpocGFlErstEQjUz+3/WglMlTK07ocRVQjQc6 +mAo4aKRaaHi5Khn+KPrRDnS+Rl8xEzSsBeo= -----END CERTIFICATE----- diff --git a/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.key b/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.key index c1344fca1..8b9c6ac66 100644 --- a/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.key +++ b/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.key @@ -1,28 +1,27 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDcc0Doe3/eEaGA -4yr3ql24LNcXc64TY65l1l+4WRgeFaQ7/W2z3eJU6sblDyJjah8Ydug87xPdROW9 -KUBuTYLrkdX71IOx8Y8t0zRTdk+5CujokoxLY5aEQc+aXebit0xowWuAg6hM/j+I -b0bokVrD+aB4MoC1i8KqXau5E3u4b35cnoaD7B1ks4piXM9hV/jPIpkzKNieXD9f -beECsohNRaZgkSpPq0it41Bfr8/8CUAOJZ920kWUr5uJNqR5oZ6Z7rBVbzFENDK8 -qiDklh242x39ZtDwqO6bE+r6gLutSwNsoLbeykvjgf2FgKol3g+JsTIVdkZutN9Z -CQZZ8Q6fAgMBAAECggEAUrFbBjoZV2xGqEnOetOpzyXm0zG9+SD5sNKu2kB1ZweY -MTaZ2ZAgT9k3nYHFVQRgQLWN3RmTWnt3MDNSq22g8Aum+I2Zjvy9SCPDK5GkSxW4 -E1Gxla/4LIlhPhb+Pkoiu+LeF/mK/sKag2u2bhPkN8IiOyQ6mp8f+PclLMoNrTtX -CL9VH2GmVi0LR5zMRgQAdCfFZDo/e4aXDNs+LReiOlLUcI+klia/fn0HHe4Jet8h -t8LoYza/FkCOvLjb6/2A7WYhE6rzWTJDH33Gk7+j/Mae+LUHx4UROL77tD2GCXfB -0c4eFLaoXN2s1+UjCmnere/qJqVCE7ipeHarhmh/uQKBgQDjrVGYISamora4bzE/ -PLE4lkNJcxpyONs7d7WVUzs7WuD1ELW3gFBLeDDKhhL/Ifq+YexOCl71NmUwmowz -Pbj/lhgkpNXMu+gTyKLhnCMFPOGHnSk7c+io+Nc/ZwQ8KyP/8KQdfIgNpY79ldQK -1TnW7kfjaq4q+0688ilEV/zaNwKBgQD338l/qtnF7ESAd8j+0ICXSPwetTmKd0oZ -U4XCNqU/K5VneJVhOUcntGnl6OM2QmC5rXeNf27OlcRdbvl+rJgEMtwN/aCilw6s -PFCJX+4DldScmuD/bFdL25T6JMCKyUtWi/+EIF7BJP4ugS6j/s7aXJ9LjDK9MXv6 -2aEVmeGa2QKBgQC0PiLpZ908cHZtHoIDSR4X6UWNoVUfdgmBU6zqcYDj5XdQK5Fg -m3F1vcoKmwfw+UqTa9xyj91LDWwghUlWy5dop7+nSuODeIMrHlxsdXp4DBGTlgTt -bz6SfqWRKRH+PDz8wtp6CXuAKkBAW1wJ03I9yFgbHvqRRnC4PpIS7AFeEwKBgQCH -Q0ye6WnLUuISxMsfGkKBy+chDr3mrK/34Bcm41ELhsoR28CQfIQyy4XaW1rZ+iD0 -Ug/iXD7oZtvwLKXjlWWjLOnejKAC+bGdFZDRVlL5C+Mozm+nksSUda/3TOTxF2WQ -Rfdab5ulhH1cfUwpW9wfVtnqjQgHLCC+w9HeismNCQKBgF7Jqgf4zB/4nSz9L5J1 -OCiBeER7ABoVjIaIW10VmAlZr++bhuaRCnGEPMJNKrYl63bx42CoRAYWXMqMdDlv -NMiPuaoPrDY6kZaUT4C6bxp7nIT/yo2/SopgfZJ1f7y4qS3cwW9xDWgM9lyoI26Y -nt3OAtJB0mS1n7YBR8IdCVso ------END PRIVATE KEY----- +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAzGvmH7adlcMVdfblKg56EkgiSkR45IrRaIMH/AKUcK/4EJdk +Jx3NoHuYuiTTreiovt9b5FjqV8txuJ579e4O9GyDELN1r9stR5y8zEbFQuf8afxK +Bl0JPnhXOxi7nUq92rn0H7jpm0a9WQvmbdRsFVfafNoeC4Dz1PeGMN4tHYtHHCnq +Ye5Sr7yT/eZ8RMUoXB560akRctA/pQWEwYbNps02HJs+jeNsJuXTgXpsirTy2RR5 +TKLmZjQMovxW85zYpSS9fRprwpzqeHhWbJBWWNeP8Y20nkRbAaAktc8IrlmhFMLh +4n0L1B0s0+Xn/9kt98pNSDCJPzH6Ar4LoDPDfwIDAQABAoIBAAyG0CNBXYa/3aDM +8F4TZQeZxAApEf9vQkXVQbf/sHj3T4w0ur5q5R7gdAt0FkSh7TVFGqxzhmi63s0h +aRc471GrFJ0BYkTUeYHZ6PfbnlrrPFyCSUb6jIZ3eWD1swmAewHcQ0luW2JYg2Hh +iM1SJw1nxMvB0fWCgW6bfG2iL8GPmyrVyhyrfebZdEaUUnjvfqLWroIoBZ2B0roa +dZ/VDlXzN8wspyziCqlumiq+R3b9+abBtHLyG13DQAhVYGksbX+5W4s1Yy6nwG0S +yyRh2cK5c2MPrjqHmJr1GqlXItmEnqkjiVlg/qZDEyalWHcKFNGNaURSz7RWNwo2 +cWZv8AECgYEA/h76+2yjvYfDeZRiKRfN9imfT9F6T4VoGgfoZODIe6uLsOQOeiKR +lqjj6bdIP8CDsfcHhb38FblYsgm6GFZiROQafRjVfj2yWiasQszFTOzLDRqR8LNs +nZSUv7zlPziJ28VBs1DF5lZSNbzFXEKxAWdGAINC1POdKZOi2UCUwYECgYEAze7X +7ML1QV+ZipnszLiRvccQ7kMUw51g/hi0Fw//tkCC8FnsbR489GDb8l+V/IR9tNov +7y5cd/NRziGVUhXH67ZnXa2k5yRYxhFWQxpgEEUWUhsfYVqppMj7vMjcxVa85A0R +2hzI/kWWWWcowwuHSmuoU8xRZlNdA2cbefeBBP8CgYEArm8hpRhLxTu+CGS8hKyc +ak7j1mxaYt+WN9gZw7UwqQN2HfRNo7S67wn7eGChLXG+dJi3By0ELv1NTtiybyZM +yjExpZE4azF6jbtiH3BkNouMTfBhITJoajqlaIAHdMAgkUTz9lyJm7TBNbXgW5ZD +3ky/lnaDl52p0fJPpIVaFwECgYEAyhsRYTUJPGqVpxhf9Z9isY0wCZZeR4kqStZ1 +0HiMLxLrLvYh+gmGKxTwZ9P1wIlLUfYcuzGV4Mc1TwdYo+HqfmRa1+52e78JPQKA +1YSKKQ2U1Wn3BzXSbn4tyd6cBTSWV36YOaasgBhNcVqz/5BN6/Tyk6Nfc/x2ucM0 +jSQiRIMCgYADss1PeYdANwbw8n29mXEGkk6qfVh54MU/AoS2v6kk6fqAHNFsb9vJ +m3JkRYSh3kSKwKgD97oGMpbxLr0wVj69s4s8wPjhNo4RZALCB/sj9hra7rsoRzmQ +apSPbfLaWVZEqg3fj0gCamSq8PGjY4fA9RNHOB751M2oszpQb8bdpA== +-----END RSA PRIVATE KEY----- diff --git a/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.pem b/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.pem index b4add6a20..4b181e9a3 100644 --- a/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.pem +++ b/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.pem @@ -1,29 +1,24 @@ -----BEGIN CERTIFICATE----- -MIIE5zCCA8+gAwIBAgIUZsoE7a5zcY96l9fWgANt2eueQ+YwDQYJKoZIhvcNAQEL -BQAwgagxCzAJBgNVBAYTAkNBMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQH -DA1TYW4gRnJhbmNpc2NvMRkwFwYDVQQKDBBMaW51eCBGb3VuZGF0aW9uMRUwEwYD -VQQDDAxsb2NhbGhvc3QtY2ExOjA4BgkqhkiG9w0BCQEWK2FnbC1kZXYtY29tbXVu -aXR5QGxpc3RzLmF1dG9tb3RpdmVsaW51eC5vcmcwHhcNMjMwNDI0MjIzMDIwWhcN -MjUwNDIzMjIzMDIwWjCBojELMAkGA1UEBhMCQ0ExEzARBgNVBAgMCkNhbGlmb3Ju -aWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoMEExpbnV4IEZvdW5k -YXRpb24xDzANBgNVBAMMBlNlcnZlcjE6MDgGCSqGSIb3DQEJARYrYWdsLWRldi1j -b21tdW5pdHlAbGlzdHMuYXV0b21vdGl2ZWxpbnV4Lm9yZzCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBANxzQOh7f94RoYDjKveqXbgs1xdzrhNjrmXWX7hZ -GB4VpDv9bbPd4lTqxuUPImNqHxh26DzvE91E5b0pQG5NguuR1fvUg7Hxjy3TNFN2 -T7kK6OiSjEtjloRBz5pd5uK3TGjBa4CDqEz+P4hvRuiRWsP5oHgygLWLwqpdq7kT -e7hvflyehoPsHWSzimJcz2FX+M8imTMo2J5cP19t4QKyiE1FpmCRKk+rSK3jUF+v -z/wJQA4ln3bSRZSvm4k2pHmhnpnusFVvMUQ0MryqIOSWHbjbHf1m0PCo7psT6vqA -u61LA2ygtt7KS+OB/YWAqiXeD4mxMhV2Rm6031kJBlnxDp8CAwEAAaOCAQswggEH -MBEGA1UdEQQKMAiCBlNlcnZlcjAdBgNVHQ4EFgQUedz2Wv71G96LFYZ6aZjLLuIr -ZRMwgdIGA1UdIwSByjCBx6GBrqSBqzCBqDELMAkGA1UEBhMCQ0ExEzARBgNVBAgM -CkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoMEExp -bnV4IEZvdW5kYXRpb24xFTATBgNVBAMMDGxvY2FsaG9zdC1jYTE6MDgGCSqGSIb3 -DQEJARYrYWdsLWRldi1jb21tdW5pdHlAbGlzdHMuYXV0b21vdGl2ZWxpbnV4Lm9y -Z4IUXwVzT6Sucujisrq0PxlLklUZfeQwDQYJKoZIhvcNAQELBQADggEBAHHH/Vt1 -QNvlrx70cY7mgDCWD6sGXfTqa0rLUhGdO2AlZ6G99TghGn+b01Aw2RsJXAGoQdnV -jA/HLP0gPtEhsdp6NTi5qaLcYauo2DoWtb9h4jdcOvetiagkWdap9O3ew1p6wlVN -VBLSRemm1JeG0jy4qM0fLr/nUuS2HzUQX+UGqSAS51W15h39LmmPhCPigMwhsHEr -ZI+V0CDziY48jKhhJsw+4dFfVMy1Y4PZwk+QlT1PhWVya9kEqT16jFgxhu4frPWr -/zJOErH97NgBdCrnfpurT8wCrzWGRsP3WmcL/bjYjljZlYS60Zi2vImL5Be6V92d -nJm2J21qgfOjNlw= +MIIEBjCCAu6gAwIBAgIUeUuog3JmZGhkE0nRcATDuclsVvgwDQYJKoZIhvcNAQEL +BQAwgasxCzAJBgNVBAYTAlVTMRYwFAYDVQQIDA1TYW4gRnJhbmNpc2NvMRMwEQYD +VQQHDApDYWxpZm9ybmlhMRwwGgYDVQQKDBNhdXRvbW90aXZlbGludXgub3JnMRUw +EwYDVQQDDAxsb2NhbGhvc3QtY2ExOjA4BgkqhkiG9w0BCQEWK2FnbC1kZXYtY29t +bXVuaXR5QGxpc3RzLmF1dG9tb3RpdmVsaW51eC5vcmcwHhcNMjMwNzIwMjAzODU1 +WhcNMjcwNzE5MjAzODU1WjCBpTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBG +cmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExHDAaBgNVBAoME2F1dG9tb3Rp +dmVsaW51eC5vcmcxDzANBgNVBAMMBlNlcnZlcjE6MDgGCSqGSIb3DQEJARYrYWds +LWRldi1jb21tdW5pdHlAbGlzdHMuYXV0b21vdGl2ZWxpbnV4Lm9yZzCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMxr5h+2nZXDFXX25SoOehJIIkpEeOSK +0WiDB/wClHCv+BCXZCcdzaB7mLok063oqL7fW+RY6lfLcbiee/XuDvRsgxCzda/b +LUecvMxGxULn/Gn8SgZdCT54VzsYu51Kvdq59B+46ZtGvVkL5m3UbBVX2nzaHguA +89T3hjDeLR2LRxwp6mHuUq+8k/3mfETFKFweetGpEXLQP6UFhMGGzabNNhybPo3j +bCbl04F6bIq08tkUeUyi5mY0DKL8VvOc2KUkvX0aa8Kc6nh4VmyQVljXj/GNtJ5E +WwGgJLXPCK5ZoRTC4eJ9C9QdLNPl5//ZLffKTUgwiT8x+gK+C6Azw38CAwEAAaMm +MCQwIgYDVR0RBBswGYIGU2VydmVygglsb2NhbGhvc3SHBH8AAAEwDQYJKoZIhvcN +AQELBQADggEBAKLnUuIYKU7kX6hw2kWziAzvucZCwkKDnMK1/xqakcgfnFw+z8nu +XSqNsXX0KNBfy0xhZ66Uc9rL37RG+smidxJxy+QmDi3c/Ooqj7DxbZwVXzstnbBp ++iqgfqjadC8Glfci7cfCnl7X4O3oQqo99BJDo7JH3S39fe98mG4mXa1WblKiWnkc +yDtUnf7eFbFeNbVkL94HGzOtghShHokGyt9vZKyGf+szCPPWiIDldLq/CUpPFEnD +AqUhTYBXbHZNZJHAEJ0waJqLxmytt19mAv03aaIMYUpBR0CMvjfDNn5x2Bp86v3A +YW544bNsyHfbvK0ZqwvOaV3sIKG7Bzm2pOA= -----END CERTIFICATE----- diff --git a/recipes-connectivity/kuksa-val/kuksa-certificates-agl/genCertsAGL.sh b/recipes-connectivity/kuksa-val/kuksa-certificates-agl/genCertsAGL.sh new file mode 100755 index 000000000..b078fd1b2 --- /dev/null +++ b/recipes-connectivity/kuksa-val/kuksa-certificates-agl/genCertsAGL.sh @@ -0,0 +1,58 @@ +#!/bin/bash + + +genCAKey() { + openssl genrsa -out CA.key 2048 +} + + +genCACert() { + openssl req -key CA.key -new -out CA.csr -subj "/C=US/ST=San Francisco/L=California/O=automotivelinux.org/CN=localhost-ca/emailAddress=agl-dev-community@lists.automotivelinux.org" + openssl x509 -signkey CA.key -in CA.csr -req -days 3650 -out CA.pem +} + +genKey() { + openssl genrsa -out $1.key 2048 +} + +genCert() { + openssl req -new -key $1.key -out $1.csr -passin pass:"temp" -subj "/C=US/ST=San Francisco/L=California/O=automotivelinux.org/CN=$1/emailAddress=agl-dev-community@lists.automotivelinux.org" + openssl x509 -req -in $1.csr -extfile <(printf "subjectAltName=DNS:$1,DNS:localhost,IP:127.0.0.1") -CA CA.pem -CAkey CA.key -CAcreateserial -days 1460 -out $1.pem + openssl verify -CAfile CA.pem $1.pem +} + +set -e +# Check if the CA is available, else make CA certificates +if [ -f "CA.key" ]; then + echo "Existing CA.key will be used" +else + echo "No CA.key found, will generate new key" + genCAKey + rm -f CA.pem + echo "" +fi + +# Check if the CA.pem is available, else generate a new CA.pem +if [ -f "CA.pem" ]; then + echo "CA.pem will not be regenerated" +else + echo "No CA.pem found, will generate new CA.pem" + genCACert + echo "" +fi + + +for i in Server Client; +do + if [ -f $i.key ]; then + echo "Existing $i.key will be used" + else + echo "No $i.key found, will generate new key" + genKey $i + fi + echo "" + echo "Generating $i.pem" + genCert $i + echo "" +done + -- 2.16.6